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Abstract 



This HO W TO provides best practice guidelines and configuration examples for installation of the 
ProLiant BL p-class G bE2 Interconnect Switch into a Cisco-based network. This guide is meant to be a 
tool to help direct decisions in planning, optimization and securing the G bE2 Interconnect Switch 
environment. W hile the best practices and configurations examples in this document could be used in 
real world environments, they are to be used only as guidelines. This HO W TO does not serve as a 
replacement for the G bE2 Interconnect Switch user guides, rather it is meant to serve as a supplement 
to this documentation. 

The intended audience for this paper includes engineers and system administrators familiar with the 
ProLiant BL p-C lass G bE2 Interconnect Switch. For readers not familiar with G bE2 Interconnect Switch, 
please see the ProLiant BL p-C lass G bE2 Interconnect Switch 0 verview white paper 1 as well as the 
user documentation that shipped with the G bE2 Interconnect Switch. 

Introduction 

This HO W TO identifies best practice guidelines and configuration examples for installation of the 
ProLiant BL p-class G bE2 Interconnect Switch into a Cisco-based network consisting of redundant 
Catalyst 6509 switches with the Catalyst switch operating system (CatO S). However, the examples in 
this document can used as general guidelines appropriate for network infrastructures consisting of 
other Cisco switches, with the CatO S or Internetwork 0 perating System Software (10 S), and network 
devices from other vendors including Nortel, Extreme, Foundry, 3Com, etc. 

The G bE2 Interconnect Switch is intended for applications that require up to 1000 megabits per 
second (M b/ s) G igabit Ethernet network adapter (N IC) consolidation, advanced network feature 
support (including future planned options for layer 3 and 4-7 switching), server blade Fibre C hannel 
pass-through, and future upg ra dea bility for 10 G igabit Ethernet bandwidth connectivity to the 
network. For additional information on the G bE2 Interconnect Switch, please see the ProLiant BL p- 
C la ss G bE2 Interconnect Switch 0 verview white paper 1 . 

For best practice guidelines for the entire p-C lass system, see the HP ProLiant BL System Best Practices 
G_uide 2 and the HP ProLiant BL System Common Procedures G uide 3 

Terminology 

The terminology that differs between the C isco Catalyst 6509 switch and the G bE2 Interconnect 
Switch documentation is identified in Table 1. 



Table 1. N etwork terminology cross reference 



HP ProLiant GbE2 Interconnect Switch 


Cisco Catalyst 6509 switch 


VLAN tagging, 802. 1Q tagging 


trunking, VLAN or 802.1Q encapsulation 


port VLAN identification (PVID) 


VLAN identification (VLAN ID) 


link aggregation, multi-link blinking (M LT) 


EtherC hannel, channeling 


spanning tree protocol group (STG ) 


spanning tree instance 


IEEE 802.1s, multiple spanning tree 


per VLAN spanning tree (PVST), PVST+ 



1 Available at http:/ / hl8004.wwwl.hp.com/ products/ servers/ prolia nt-bl/ p-class/ bl-p-interconnectswitrh2.html . 

2 Available at http:/ / ww5slpro.compaq.com/ support/ reference library/ viewdocument,asp?source=351359-001,xml&dt=264 , 

3 Available at http:/ / ww55lpro.compaq.com/ support/ reference library/ viewdocument,asp?source=351360-001,xml&dt=264 . 



Typographical conventions 

The following table describes the switch command typographic styles used in this guide: 



Table 2. Switch command typographical conventions 



HP Typeface 


Meaning 


Example 


AaBbCcl23 


This type displays in command examples and 
shows text that must be typed in exactly as shown. 


/cfg/vlan 


<AaBbCcl23> 


This italicized type displays in command examples 
as a parameter placeholder. Replace the 
indicated text with the appropriate real name or 
value when using the command. Do not type the 
brackets. 


/cfg/vlan <vlan number> 



To distinguish between ProLiant BL p-C lass G bE2 Interconnect Switch and Catalyst 6509 commands, 
each command will be preceded by a GbE2>> and 6509#, respectively. 



Critical features for successful deployment 

Understanding VLANsand VLAN tagging (VLAN trunking), spanning tree protocol, and multi-link 
trunking (channeling) is critical to the successful deployment of the G bE2 Interconnect switch. Each of 
these topics is covered providing a high-level primer inclusive of G bE2 Interconnect Switch command 
introduction and general configuration guidelines. Specific commands and configuration steps follow 
in the section titled "Common topological examples". For additional information, refer to the HP 
ProLiant BL p-Class G bE2 Interconnect Switch Application G uide 4 chapters 3 and 4. 

Virtual local area network 

A virtual local area network (VLAN ) is a network topology configured according to a logical scheme 
rather than the physical layout. VLAN s are used to logically segment traffic into different broadcast 
domains allowing packets to be forwarded only between ports within the VLAN . This enhances 
performance by conserving bandwidth and improves security by limiting traffic to specific domains. 

The standard practice of configuring VLAN s on an Ethernet switch is by assigning each port to a 
specific VLAN . In this port-based VLAN implementation, the switch identifies the specific VLAN 
membership of a packet per the port on which it was received. Individual VLAN s are defined via a 
configurable VLAN number. The VLAN number is known as port VLAN identification (PVID) on G bE2 
Interconnect Switches and VLAN identification (VLAN ID) on C isco Catalyst switches. The G bE2 
Interconnect Switch allows any PVID value from 2 to 4095 with PVID 1 reserved as the default VLAN . 
The default G bE2 Interconnect switch configuration has all ports assigned to PVID 1. 

The IEEE industry standard for VLAN s is 802. 1Q . Each G bE2 Interconnect Switch supports 255 port- 
based IEEE 802.1Q VLAN s. The G bE2 Interconnect Switch VLAN menu can be found under: 

GbE2>> /cfg/vlan <vlan number> 
VLAN tagging 

VLAN tagging (often called VLAN trunking or encapsulation by Cisco) is the process of inserting into 
a data frame a tag identifying its VLAN membership. VLAN tagging allows each switch port to 
belong to multiple VLAN s and provides the information switches need to create VLAN s across the 
network. 



Available at http:/ / ww55lpro.compaq.com/ support/ reference library/ viewdocument,asp?source=331403-001,xml&dt=264 . 



Switch ports may be configured as tagged or untagged. A tagged port may receive tagged or 
untagged frames and is capable of forwarding the frames appropriately. W hen a VLAN tagged 
frame arrives at a tagged port, the switch looks at the PVID in the tag to determine its VLAN 
membership before switching the packet to the correctport. If an untagged frame arrives on a tagged 
port, the switch will tag the frame with the PVID of that port. If a frame exits the switch via a tagged 
port, any tag will remain on the frame unchanged as it exits. 

An untagged port is only capable of switching untagged frames. Therefore, an untagged port will 
only see and accept incoming untagged frames. Frames received by the untagged port will be 
forwarded without any changes to the frame. For frames exiting the switch via an untagged port, any 
tag will be stripped from the frame before its forwarded. 

G bE2 Interconnect Switch ports may be individually configured as tagged or untagged using the 
following command: 

GbE2>> /cfg/port <port number>/tag ena 

W hen implementing VLAN tagging on the G bE2 Interconnect Switch, the PVID values must be 
established correctly between devices communicating in the VLAN . This option is found under: 

GbE2>> /cfg/port <port number >/pvid <PVID number> 

IP management interface 

The IP management interface provides management access to the G bE2 Interconnect Switch over an 
IP network. By default, the IP management interface is configured to request its IP address from a 
bootstrap protocol (BO OTP) server, but the IP address may also be assigned manually resulting in 
BO OTP being disabled. 

Carefully consider how VLAN s are configured within the G bE2 Interconnect Switch to ensure remote 
communication to the switch remains possible. In order to access the G bE2 Interconnect Switch for 
remote configuration, SN M P trap messages, and other remote management functions, confirm at least 
one IP management interface on the switch has a VLAN defined. 

It is possible to inadvertently disable access to management functions if the port associated with the IP 
management interface is excluded from VLAN membership. Likewise, if all IP interfaces remain within 
the default VLAN (VLAN 1) and all ports are configured for a different VLAN , such as VLAN 2, then 
G bE2 Interconnect Switch management features are effectively disabled. To avoid these situations, it 
is suggested that all ports used for remote G bE2 Interconnect Switch management remain on the 
default VLAN and that an IP management interface be assigned to the default VLAN . 

0 n the G bE2 Interconnect Switch, assign the IP management interface to a VLAN using the 
commands: 

GbE2>> /cfg/ip/if <number>/mask <mask> / addr <address> 
GbE2>> /cfg/ip/if <number>/vlan <vlan#>/ena/apply 



Spanning tree protocol 

Spanning tree protocol (STP) is used to ensure that redundant paths within a layer 2 network do not 
result in broadcast loops. For a layer 2 Ethernet network to function correctly, only one active path 
may forward frames between any two switches at a given time. 

Redundant connections between network switches can create loops or multiple forwarding paths. In 
layer 2 networks, these loops cause duplicate packets to be forwarded to the same destination over 
and over again until the network is completely saturated, which in turn prevents valid traffic from 
traversing the network. STP configures the network by allowing a switch to use the most efficient path 
while forcing the remaining redundant paths into a standby (blocked) state. If the forwarding path 
fails, STP automatically activates a standby path to sustain network operations. 



Spanning tree groups 

STP examines the network topology and defines a tree structure spanning all switches in a given layer 
2 network domain. These layer 2 network domains are called spanning tree groups (STG ). STG s are 
created by assigning a group of layer 2 switches to be part of a separate layer 2 network domain. 
W hen STP examines the network topology it only considers eliminating loops within a single STG . 
W ithin a layer 2 domain, there may be multiple STG s each operating its own individual STP 
algorithm to eliminate layer 2 loops. 

The IEEE industry standard for STP is defined in 802. ID. The G bE2 Interconnect Switch meets the IEEE 
802. ID standard and further provides interoperability with Cisco's Per VLAN Spanning Tree Plus 
(PVST+) via the use of STG s; refer to the "Multiple spanning tree groups" section for more information 
on PVST+. 

Bridging protocol data unit 

All network devices that are members of a spanning tree send out packets called bridging protocol 
data units (BPDU). A BPDU is a 64-byte packet sent by all switches participating in the spanning tree 
protocol providing information about each other. The BPDU includes information known as switch or 
bridge priority, port cost, and port priority used to establish a spanning tree root switch and which 
paths to designate as forwarding and blocking. 

Root bridge 

The STP root switch (or root bridge) is the base of the spanning tree topology much like the roots of a 
tree. All redundant paths to the root bridge within the spanning tree network are placed in the 
blocked mode. The root bridge is chosen by all the switches based on the results of the BPDU 
exchange process. 

Bridge priority 

The bridge priority is used to determine what switch is the root bridge. Bridge priority is a numerical 
value that may be configured on a switch. The lower a bridges priority value, the greater the chance 
it has of becoming the root bridge. If all switches are configured with the same default bridge priority 
setting, the switch with the lowest MAC address in the STP network becomes the root switch. Bridge 
priority is automatically assigned by the STP process, or may be manually configured on the G b E2 
Interconnect Switch using the following command: 

GbE2>> /cfg/stp <stg number>/brg/prior <new bridge priority> 
Port cost 

The port cost is a value assigned to each switch port. The port cost information is exchanged within 
the BPDU to help determine the lowest cost path to the root switch. The port with the lowest cost path 
is used as the forwarding port between two segments in the STG . All remaining paths within each 
segment are placed in a blocked state. 

The objective is to use the fastest links ensuring the route with the lowest cost is chosen. The spanning 
tree protocol assigns lower values to high-bandwidth ports, such as G igabit Ethernet, to encourage 
their use. The cost of a port also depends on whether the port operates at full-duplex (lower cost) or 
half-duplex (higher cost). For example, a 100-M b/ s (Fast Ethernet) link has a STP assigned "cost" of 
10 in half-duplex mode, and a cost of 5 in full-duplex mode. Port cost is automatically assigned by the 
STP process, or manually set on the G bE2 Interconnect Switch using the following command: 

GbE2>> /cfg/stp <stg number>/port<number>/cost <l-65535> 
Port priority 

The port priority is yet another STP value assigned to each switch port. In case of identical port costs, 
the port priority is used as a tie breaker to determine the lowest path cost to the root switch and the 
resulting forwarding port for each segment. Therefore, in a network topology segment that has 
multiple paths with the same post cost, the port with the lowest port priority becomes the designated 



port for the segment. It is also possible for the ports to have identical port priorities. If this is the case, 
the port number becomes the final decision criteria. Port priority is automatically assigned by the STP 
process, or manually set on the G bE2 Interconnect Switch using the following command: 

GbE2>> /cfg/stp <stg number>/port <port number>/prior <l-255> 



Multiple spanning tree groups 

The IEEE 802. ID standard considers the network topology of all the switches participating in the 
spanning tree network as one broadcast domain or one spanning tree group (STG ). It does not 
consider the logical VLAN implementation. Ports within different VLAN s are logically separated 
broadcast domains. W ith the 802. ID implementation, paths thatform physical loops within the 
network may be placed in a blocking state even though the VLAN topology would have not caused a 
layer 2 broadcast storm. 

To prevent this, the IEEE standard 802.1s was adopted as an extension to the original 8 02. ID 
standard. It allows multiple STG s within a network switch taking into consideration the VLAN logical 
topology. Forwarding and blocking decisions are now made according to the BPDU information 
within its own broadcast domain. IEEE 802.1s utilizes the 8 02.1 Q VLAN tagging method in its 
implementation. Prior to the adoption of 802.1s, Cisco developed a similar protocol known as Per 
VLAN Spanning Tree (PVST). PVST uses the Cisco proprietary Intra Switch Link (ISL) method of VLAN 
tagging. A more recent update to the protocol known as PVST+ provides the same functionality as 
PVST, but utilizes the 802.1Q VLAN tagging method. 

The GbE2 Interconnect Switch integrates into a PVST+ environment through the use of STG s. In the 
G bE2 implementation, an administrator creates an STG and then assigns a VLAN to it. This differs 
from the Cisco implementation where an administrator creates a VLAN and then a spanning tree 
instance (i.e. STG ) is automatically assigned to it. The PVST+ interoperability feature on the G bE2 
Interconnect Switch includes the following: 

• Tagged ports may belong to more than one STG , but untagged ports can belong to only one 
STG. 

• W hen a tagged port belongs to more than one STG , egress BPDUs are tagged to identify their 
STG membership. 

• An untagged port cannot span multiple STGs. 

• Sixteen STG s are supported perGbE2 Interconnect Switch. 

• The default STG 1 can hold multiple VLAN s, all other STGs (groups 2-16) can hold one VLAN . 

0 n each G bE2 Interconnect Switch, the six external ports (po rtsl 9-24) and the crosslink ports (ports 
17-18) are by default in STG 1. The STG can be changed for each port using the following 
command: 

GbE2>> /cfg/stp <stg number>/port <port number> 



VLAN and STG configuration guidelines 

W hen creating a VLAN on the G bE2 Interconnect Switch, that VLAN automatically belongs to the 
default STG 1. To add the VLAN in another STG , it must be assigned to another STG . Keep the 
following rules in mind when creating VLAN s and assigning STG s: 

• The default VLAN (VLAN 1) cannot be removed from the default STG 1. 

• VLAN s must be contained within a single STG ; a VLAN cannot span multiple STG s. 

• W hen a VLAN spans multiple switches, the VLAN must be within the same STG (have the same 
STG ID) across all the switches. 



• If ports are tagged, all trunked ports can belong to multiple STG s. 

• A port that is not a member of any VLAN cannot be added to a STG. The port must be added to 
a VLAN , and that VLAN added to the desired STG. 

• Tagged ports can belong to more than one STG , but untagged ports can belong to only one STG . 

• W hen a tagged port belongs to more than one STG , the egress BPDUs are tagged to distinguish 
the BPDUs of one STG from those of another STG . 

• An untagged port cannot span multiple STG s. 

• W hen a port is removed from a VLAN that belongs to an STG , that port will also be removed 
from the STG . However, if that port belongs to another VLAN in the same STG , the port remains 
in the STG . 

• An STG cannot be deleted, only disabled. If you disable the STG while it contains VLAN 
members, STP will be off on all ports belonging to thatVLAN . 

• If STP any port in the trunk is set to forwarding, the remaining ports in the trunk will also be set to 
forwarding 

M ulti-link trunking 

M ulti-link trunking (M LT), also know as link aggregation and port trunking (and EtherC hannel by 
Cisco), combines multiple physical switch ports into a single logical port called a trunk. The 
bandwidth of the trunk is the multiple of the bandwidth of the individual links. An algorithm 
automatically applies load balancing to the ports in the trunk. A port failure within the group causes 
the network traffic to be directed to the remaining ports. Load balancing is maintained whenever a 
link in a trunk is lost or returned to service. 

The industry standard for multi-link trunking is IEEE 802. 3ad. Cisco has developed a similar multi-link 
trunking method known as EtherC hannel. The G bE2 Interconnect Switch supports twelve IEEE 
80 2.3 ad (without LAC P 5 ) trunks per switch interoperable with EtherC hannel. Each trunk may contain 
two to six ports providing a 12-G bps aggregate throughput full duplex. 

Load balancing 

W ithin the trunk, the load distribution is determined by information embedded within the data frame. 
For traffic that does not contain IP information, the GbE2 Interconnect Switch elects the port with the 
lowest port number in the trunk to be the designated port for forwarding traffic. For traffic that 
contains IP addresses, the G bE2 Interconnect Switch will calculate the designated trunk port for 
forwarding traffic by using the statistical load balancing algorithm that considers the packet's source 
and destination IP addresses. 

Multi-link trunking and spanning tree 

A typical network is designed with multiple links between switches to provide increased bandwidth 
and redundant connections. In layer 2 networks, redundant links between switches create loops or 
multiple forwarding paths resulting in broadcast storms. The spanning tree protocol will identify these 
loops and place ports in a blocked state to eliminate the possibly of multiple forwarding paths. 
However, this defeats the purpose of using multiple connects between switches for increased 
bandwidth. M LT can be used to provide redundant links while ensuring that STP does not block this 
redundancy. W ithin a multi-link trunk, all the individual ports are seen as one logical by the spanning 
tree protocol. 



Link aggregation control protocol (LAC P) is an enhancement over EtherC hannel and other static multi-link trunking methods. LA CP dynamically 
learns about the link status and takes decisions on which links to use for and load balancing and tailback in case of link failure. As a result, 
IEE 802. 3ad with LACP is often called dynamic trunking. 



M ulti-link trunking configuration guidelines 

W hen creating trunks, consider the following configuration rules that determine how a trunk reacts in 
the network topology. 

• C onfirm the G bE2 Interconnect Switch ports to be trunked are set to enabled. 

• All trunks must originate from one device, and lead to one destination device. For example, it is 
not possible to combine a port from two different switches into one trunk. 

• Any physical switch port can belong to only one trunk. 

• Trunking from non-HP devices must comply with Cisco EtherChannel technology. 

• All ports within a trunk (trunk members) must be assigned to the same VLAN configuration before 
the trunk can be enabled. 

• All ports within the trunk must be configured to full duplex. 

• If the VLAN settings of any one trunk member are modified, the change cannot be applied until 
the VLAN settings of all trunk members are modified. 

• W hen an active G bE2 Interconnect Switch port is configured in a trunk, the port becomes a trunk 
member using the following trunk command: 

GbE2>> /cf g/trunk/trunk <trunk group>/add <port number>/ena 

The spanning tree parameters for the port will change to reflect the new trunk settings. 

• All trunk members must be in the same STG . If all ports are tagged, then all the ports within trunk 
can belong to multiple STGs; otherwise, only one STG membership is allowed. 

• W hen a trunk is enabled, the spanning tree participation setting of the trunk takes precedence 
over that of any individual trunk member. 

• If the spanning tree protocol participation of any trunk member is changed to enabled or 
disabled, the spanning tree participation of all members of that trunk changes similarly. 

• A trunk member cannot be a monitoring port in a port mirroring configuration. 

• Trunks act as a single logical port, but cannot be monitored by a monitor port; however, 
individual trunk members can. 

• The port speeds of each trunk member must be the same. 



Common topological examples 



Three common topological configurations are provided that highlight the main requirements for a 
successful configuration of the G bE2 Interconnect Switch into a C isco Catalyst 6509 network 
environment. Actual deployment scenarios may differ from the provided examples. Configuration 
guidelines and configuration settings for VLAN , spanning tree, multi-link trunking, and the port 
configuration are provided for each topology. 

The provided configuration steps are not the complete set necessary for a fully functioning system. Use 
these examples as guidelines when deploying the G bE2 Interconnect Switch in any specific 
environment. This information is intended to supplement the user documentation included with the 
GbE2 Interconnect Switch and the Catalyst 6509 switches. 

The configuration steps assume the G bE2 Interconnect Switch configuration is set to factory default. 
Fora list of G b E2 Interconnect Switch default settings, see Appendix B. To set the G bE2 Interconnect 
Switch configuration settings to the factory default, use the following procedure: 

1. Select the configuration block per the command: 

GbE2>> /boot/conf 



2. The system indicates which configuration block is currently set to be loaded at the next reset and 
prompts you to enter a new choice. Enter "factory" as the configuration block. 

3. To make the new configuration block changes active, the G bE2 Interconnect Switch must be reset 
per the command: 

GbE2>> /boot/reset 



You are then prompted to confirm your request. 

CAUTION : Prior to changing the configuration block, it is recommended any desired changes to 
the current configuration block be saved, see chapter 6 of the H P ProLiant BL p-C lass 
GbE2 Interconnect Switch Command Reference G uide 6 . 

NOTE: Resetting the GbE2 Interconnect Switch causes the spanning tree protocol to restart. 
This process can be lengthy depending on the topology of the network. 

All topologies assume a p-C lass server blade enclosure with eight ProUant BL20p series servers and 
two G bE2 Interconnect Switches operating at layer 2. The two G bE2 Interconnect Switches are 
connected to two Cisco Catalyst 6509 switches creating a redundant architecture. The Catalyst 6509 
switches are in turn connected to each other operating at layer 3. Each layer 2 configuration utilizes 
two VLAN s: the default VLAN (VLAN 1) for data and a second VLAN (VLAN 2) for Integrated Ughts- 
0 ut (i LO ) Advanced management. The separate i LO management VLAN isolates management traffic 
from the rest of the network minimizing the risk of a remote network device intercepting sensitive data. 
To avoid layer 2 loops and to interoperate with C isco's PVST+, a STG for each VLAN is configured 
for the topologies requiring the use of spanning tree. For redundancy, EtherChannel compatible multi- 
link trunking is configured on each topology where multiple links exist between switches. 

The configuration of each topology provides tradeoffs in the areas of performance, availability, 
design complexity, and the need for spanning tree (Table 3). Each topology utilizes all four exterior 
G igabit Ethernet ports (uplinks ports 19-22), but in a different design configuration. The front panel 
G igabit Ethernet ports (ports 23 and 24) are not connected to the C isco-based network and are 
available for local switch management, port analysis, and other administration tasks, and as 
additional uplinks. Each topology could be modified by connecting these front panel ports to the 
network increased bandwidth, added availability, creation of a remote port diagnostic network, etc. 



Available at http:/ / wwsslpro, Compaq, com/ support/ reference library/ viewdocument,asp?source=331404-Q01%20,xml&dt=264 , 



Table 3. Topology overview 



Topology 


Benefits 


Drawbacks 


1 


• Fully meshed design optimizing availability: 

- M aximum resiliency even with a dual link or dual 
non-like switch failure. 

- Loss of up to eight physical links without an 
interruption in service. 

• Separate VLAN isolating management traffic from 
the rest of the network for increased security. 


• Requires spanning tree protocol and its 
resulting convergence time delays. 

• Design complexity creates potential for 
added support. 

• N on-optimal throughput from G b E2 
Interconnect Switches to the Catalyst 65 09 
switches. 


2 


• N ear fully meshed providing a high level of 
availability 

- Service maintained after a dual link failure. 

- Single switch failure maintains connectivity to two 
other switches. 

• Less complex configuration as compared to topology 
1 decreasing support requirements. 

• Separate VLAN isolating management traffic from 
the rest of the network for increased security. 


• Requires spanning tree protocol and its 
resulting convergence time delays. 

• N on-optimal availability. 

• Configuration is still reasonably complex. 

• N on-optimal throughput from G b E2 
Interconnect Switches to the Catalyst 65 09 
switches. 


3 


• Good level of availability, service maintained after a 
dual link failure. 

• 0 ptimal throughput between the G b E2 Interconnect 
Switches and the Cisco network. 

• Spanning tree protocol is not required. 

• Topology simplification decreasing support 
requirements. 

• Separate VLAN isolating management traffic from 
the rest of the network for increased security. 

• From any single G bE2 Interconnect Switch uplink, 
communicate to all ProLiant BLserver N ICs and 
manage both switches. 


• Reduced availability: 

- G reater possibility of certain failures 
causing partial to total loss of service. 

- Loss of a switch results in all traffic 
converging through surviving switch, 
potentially causing performance issues. 



Topology 1: Fully meshed 

Topology 1 is a fully meshed configuration designed for maximum fault resiliency (Figure 1). It 
optimizes system availability by utilizing multiple links to ensure no single switch failure or even 
multiple dissimilar switch failures will result in an outage. However, this configuration requires the use 
of the spanning tree protocol. A pair of links between the G bE2 Interconnect Switch and Catalyst 
6509 switches must be placed in an STP blocking state reducing overall throughput. Additionally, the 
design complexity of this configuration creates the potential for added support. 

Topology 1 is ideal for network administrators who desire maximum availability at the expense of 
complexity, some throughput, and the management and potential convergence delays of STP. 



Figure 1. Topology 1 fully meshed architecture 



Cisco N etwork 




VLAN configuration 

Per Figure 1, this configuration utilizes two VLAN s for G bE2 Interconnect Switch ports and ports 
connecting the G bE2 switches to the 6509 switches: the default VLAN (VLAN 1) for data and a 
second VLAN that will be created (VLAN 2)foriLO Advanced management. Any remaining Catalyst 
6509 ports must be separate from VLAN s 1 and 2 and are collectively represented in Figure 1 as 
VLAN 3. 

NOTE: VLAN tagging (trunking) must be enabled on all ports within VLAN s 1 and 2. 
To configure the VLAN s on the switches, perform the following: 
1. On both Cisco 6509 switches, set the preferred VLAN trunk protocol mode: 
65 0 9# set vtp mode <mode> 



2. 0 n both C isco 6509 switches, configure both VLAN s (VLAN 1 and 2) per the command: 
650 9# set vlan 1-2 



3. On both Cisco 6509 switches, enable 802.10 tagging (VLAN trunking) on all ports connected to 
both G bE2 Interconnect Switches per the command: 

650 9# set trunk <module number> / <port number> nonegotiate dotlq 1-2 



4. On both G bE2 Interconnect Switches (G bE2 Switch A and G bE2 Switch B), enable tagging 
(VLAN encapsulation) on the four uplink ports (19-22) and the two crosslink ports (17-18) per the 
command: 

GbE2>> /cfg/port <number>/tag ena 



5. On both G bE2 Interconnect Switches, create the management VLAN 2 per the command: 
GbE2>> /cfg/vlan 2/ena 



6. On the GbE2 Switch B, add iLO ports to VLAN 2. This includes the GbE2 Switch B ports 1, 3, 5, 
7, 9, 11, 13, and 15. Use the following command to add the ports to VLAN 2: 

GbE2>> /cfg/vlan 2/add <port number> 



7. On both G bE2 Interconnect Switches, add ports 17-18 and 19-22 to VLAN 2 using the command 
identified in step 5. 

Spanning tree configuration 

To eliminate the physical loops in this topology, STP is required on the ports connecting the G bE2 
Interconnect Switches and the C isco Catalyst 6509 switches and on the G bE2 Interconnect Switch 
crosslink ports. This configuration also utilizes two STG s to separate the logical loops. To configure 
the STP on the switches, perform the following: 

1. 0 n the 6509 Switch A, set the bridge priority to 0 for both VLAN s 1 and 2, per the commands: 

65 0 9# set spantree priority 0 1 
65 0 9# set spantree priority 0 2 



2. 0 n 6509 Switch B, set the bridge priority to a slightly higher value than 6509 Switch A to ensure 
that if the primary root bridge fails, this second C atalyst 6509 switch becomes the root bridge. 
This allows the Catalyst 6509 switches to control the network and centralizes the administration. 
Use the following commands: 

65 0 9# set spantree priority 4096 1 
65 0 9# set spantree priority 4096 2 



N 0 TE: Do not alter the default bridge priority for either G bE2 Interconnect Switch. This will 
ensure that one of the Catalyst 6509 switches always becomes the root bridge. 

3. 0 n both G bE2 Interconnect Switches create a second STG (STG 2) and add VLAN 2 to it. To 
perform these tasks, use the following command: 

GbE2>> /cfg/stp 2/on/add 2 

N 0 TE: W hen adding a port to a VLAN that belongs to an STG , the port is also added to the 

STG . However, if the port being added to the VLAN is untagged and already a member 
of another STG , that port will not be added to an additional STG because an untagged 
port cannot belong to more than one STG . 

4. M odify the port cost to 100 on G bE2 Switch B, ports 17, 18, 21 and 22 using the command: 

GbE2>> /cfg/stp 2/port <port number > /cost 100 



This ensures that STP will behave in a predictable manner by blocking the G bE2 Switch B 
crosslink ports 17 and 18 and the uplink ports 21 and 22, and by placing all uplinks on G bE2 
Switch A in a forwarding state. 



Port configuration 

Configure the ports on the Cisco and HP blade switches by performing the steps listed below. 

1. On both Cisco C atalyst 6509 switches, configure the port speed and negotiation settings on all 
ports connected to the G bE2 Interconnect Switches per the commands: 

65 0 9# set port speed <module_number>/ <port_number> auto 

65 0 9# set port negotiation <module_number>/ <port_n\mber> enable 



2. Configure the port speed and negotiation for G bE2 Interconnect Switch ports 19-22 (on both 
GbE2 Interconnect Switches), per the commands: 

GbE2>> /cfg/port <port number>/gig/auto on 
GbE2>> / cfg/port <port number>/gig/mode full 



N 0 TE: This step is only necessary if the G bE2 Interconnect Switch default configuration has been 
modified. 

3. Utilizing Figure 1 as a reference, connect: 

- G bE2 Switch A ports 21 and 22 to 6509 Switch A 

- G bE2 Switch A ports 19 and 20 to 6509 Switch B. 

- G bE2 Switch B ports 21 and 22 to 6509 Switch B 

- G bE2 Switch B ports 19 and 20 to 6509 Switch A. 

N O TE: Ports 17 and 18 on each G bE2 Interconnect Switch are already connected across the 
server blade enclosure backplane and do not require any further physical connectivity. 

Multi-link trunking and EtherChannel 

This topology requires the creation of two trunks on each G bE2 Interconnect Switch and three 
EtherC hannel groups on each the Catalyst 6509 switch. Additionally, a default p reconfigured trunk 
(trunk 1) exists for the crosslink ports between the G bE2 Interconnect Switches. O ther trunks may also 
be present, as shown for VLAN 3 in Figure 1. 

N O TE: For this topology, G bE2 Interconnect Switch ports 19 and 20 represent trunk 2 and ports 21 
and 22 represent trunk 3. 

1. On both Cisco C a ta lyst 6509 switches, configure EtherChannel on the ports connected to both 
G bE2 Interconnect Switches per the command: 

65 0 9# set port channel <module number> / <port number> mode on 



2. Configure trunk 2 on each G bE2 Interconnect Switch per the commands: 

GbE2>> /cfg/trunk 2 

GbE2>> ena 

GbE2>> add 19 

GbE2>> add 20 



3. OneachGbE2 Interconnect Switch repeat the above steps, but for trunk 3 using ports 21 and 
22. 

N O TE: It should not be necessary to configure trunk 1 as it is part of the G bE2 Interconnect 
Switch default configuration. However, if the default configuration has been modified, 
configure trunk 1 using ports 17 and 18. 



Topology 2: Partial mesh 



Topology 2 is very similar in design to topology 1 except the G bE2 Interconnect Switch crosslink ports 
are manually disabled (Figure 2). This configuration maintains a high level of availability to ensure 
the loss of up multiple physical links without an interruption in service. The removal of the crosslink 
ports or switch-to-switch links between the G b E2 Interconnect Switches decreases availability to some 
degree. However, it has the added positive effect of a less complex configuration as compared to 
topology 1 thereby decreasing support requirements. 

Topology 2 is ideal for network administrators who need to maintain a high level of availability while 
minimizing some design complexity. 



Figure 2. Topology 2 partial mesh architecture 
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VLAN configuration 

Like topology 1, this configuration utilizes the default VLAN and i LO VLAN 2 for G bE2 Interconnect 
Switch ports and ports connecting the G bE2 switches to the 6509 switches. Any remaining Catalyst 
6509 ports must be separate from VLAN s 1 and 2 and are collectively represented in Figure 2 as 
VLAN 3. 

N O TE: VLAN tagging (trunking) must be enabled on all ports within VLAN s 1 and 2. 
To configure the VLAN s on the switches, perform the following: 

1. On both Cisco 6509 switches, set the preferred VLAN trunk protocol mode: 

65 0 9# set vtp mode <mode> 

2. On both Cisco switches, configure both VLAN s (VLAN s 1 and 2) per the command: 

650 9# set vlan 1-2 



3. 0 n both C isco switches, enable 802.1Q tagging (VLAN trunking) on all ports connected to both 
of the G bE2 Interconnect Switches per the command: 

650 9# set trunk <module number> / <port number> nonegotiate dotlq 1-2 



4. On both G bE2 Interconnect Switches (G b E2 Switch A and G bE2 Switch B), enable tagging 
(VLAN encapsulation) on the four uplink ports (19-22) per the command: 

GbE2>> /cfg/port <port number>/ tag ena 



5. OnbothGbE2 Interconnect Switches, create the management VLAN 2 per the command: 
GbE2>> /cfg/vlan 2/ena 



6. On the GbE2 Switch B, add iLO ports to VLAN 2. This includes the GbE2 Switch B ports 1, 3, 5, 
7, 9, 11, 13, and 15. Use the following command to add the ports to VLAN 2: 

GbE2>> /cfg/vlan 2/add <port number> 



7. On both G bE2 Interconnect Switches, add ports 19-22 to VLAN 2 using the command identified 
in step 5. 

Spanning tree configuration 

To eliminate the physical loops in this topology, STP is required on the ports connecting the G bE2 
Interconnect Switches and the Cisco C atalyst 6509 switches. This configuration also utilizes two STGs 
to separate the logical loops. To configure the STP on the switches, perform the following: 

1. 0 n the 6509 switch A, set the bridge priority to 0 for VLAN s land 2, per the commands: 

6509# setspantree priority 0 1 
6509# set spa ntree priority 0 2 

2. 0 n 6509 Switch B, set the bridge priority to a slightly higher value than 6509 Switch A to ensure 
that if the primary root bridge fails, this second C atalyst 6509 switch becomes the root bridge. 
This allows the Catalyst 6509 switches to control the network and centralizes the administration. 
Use the following commands: 

65 0 9# set spantree priority 4096 1 
65 0 9# set spantree priority 4096 2 



N 0 TE: Do not alter the default bridge priority for either G bE2 Interconnect Switch. This will 
ensure that one of the Catalyst 6509 switches always becomes the root bridge. 

3. 0 n both G bE2 Interconnect Switches create a second STG (STG 2) and add VLAN 2 to it. To 
perform these tasks, use the following command: 

GbE2>> /cfg/stp 2/on/add 2 



N 0 TE: W hen adding a port to a VLAN that belongs to an STG , the port is also added to the 

STG . However, if the port being added to the VLAN is untagged and already a member 
of another STG , that port will not be added to an additional STG because an untagged 
port cannot belong to more than one STG . 

4. M odify the port cost to 100 on G bE2 Switch B, ports 21 and 22 using the command: 

GbE2>> /cfg/stp 2/port <port number > /cost 100 



This ensures that STP will behave in a predictable manner by blocking the G bE2 Switch B uplink 
ports 2 1 and 22 and by placing all uplinks on G bE2 Switch A in a forwarding state. 



Port configuration 

Configure the ports on the Cisco and HP blade switches by performing the steps listed below. 

1. On both Cisco C atalyst 6509 switches, configure the port speed and negotiation settings on all 
ports connected to the G bE2 Interconnect Switches per the commands: 

65 0 9# set port speed <module_number>/ <port_number> auto 

65 0 9# set port negotiation <module_number>/ <port_n\mber> enable 



2. Configure the port speed and negotiation for G bE2 Interconnect Switch ports 19-22 (on both 
GbE2 Interconnect Switches), per the commands: 

GbE2>> /cfg/port <port number>/gig/auto on 
GbE2>> / cfg/port <port number>/gig/mode full 



N 0 TE: This step is only necessary if the G bE2 Interconnect Switch default configuration has been 
modified. 

3. On both G bE2 Interconnect Switches, disable ports 17 and 18 per the command: 

GbE2>> /cfg/port <port_number>/disable 

GbE2>> apply 
GbE2>> save 



4. Utilizing Figure 2 as a reference, connect: 

- G bE2 Switch A ports 21 and 22 to 6509 Switch A 

- G bE2 Switch A ports 19 and 20 to 6509 Switch B. 

- GbE2 Switch B ports 21 and 22 to 6509 Switch B 

- G bE2 Switch B ports 19 and 20 to 6509 Switch B. 

Multi-link trunking and EtherChannel 

This topology requires the creation of two trunks on each G bE2 Interconnect Switch and three 
EtherChannel groups on each the C atalyst 6509 switch. Othertrunks may also be present, as shown 
for VLAN 3 in Figure 2. 

N O TE: For this topology, G bE2 Interconnect Switch ports 19 and 20 represent trunk 2 and ports 21 
and 22 represent trunk 3. 

1. On both Cisco C a ta lyst 6509 switches, configure EtherChannel on the ports connected to both 
G bE2 Interconnect Switches per the command: 

65 0 9# set port channel <module number>/ <port number> mode on 



2. Configure trunk 2 on each G bE2 Interconnect Switch per the commands: 

GbE2>> /cfg/trunk 2 

GbE2>> ena 

GbE2>> add 19 

GbE2>> add 20 



3. O n each G bE2 Interconnect Switch repeat the above steps, but for trunk 3 using ports 21 and 
22. 



Topology 3: Straight-through 



Topology 3 is a "straight-through" design providing a simplified architecture with maximum 
throughput (Figure 3). Spanning tree protocol is not required further simplifying this configuration. 
However, this topology has reduced availability; certain failures can cause partial to total loss of 
service with the greater possibility of a performance bottleneck. 

The G bE2 Interconnect switch crosslinks are enabled in this configuration. These G igabit Ethernet links 
permit management of both switches and access to all ProLiant BL server N ICs from any single G bE2 
Interconnect Switch uplink. The crosslinks may be disabled in this configuration, but it is not advised. 
In this case, a failure of any one switch (whether G bE2 Interconnect Switch or Catalyst 6509) would 
cause the loss of service to one half the N ICs on each ProLiant server. 

Topology 3 is ideal for network administrators who desire a simplified architecture that provides high 
levels of performance at the expense of some availability. 



Figure 3. Topology 3 straight-through architecture 
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VLAN configuration 

Consistent with the other two topologies, this configuration utilizes the default VLAN and iLO VLAN 2 
for G bE2 Interconnect Switch ports and ports connecting the G bE2 switches to the 6509 switches. 
Any remaining Catalyst 6509 ports must be separate from VLAN s 1 and 2 and are collectively 
represented in Figure 3 as VLAN 3. 

N O TE: VLAN tagging (trunking) must be enabled on all ports within VLAN s 1 and 2. 
To configure the VLAN s on the switches, perform the following: 
1. On both Cisco 6509 switches, set the preferred VLAN trunk protocol mode: 
65 0 9# set vtp mode <mode> 



2. On both Cisco switches, configure both VLAN s (VLAN 1 and 2) per the command 



650 9# set vlan 1-2 



3. 0 n both C isco switches, enable 802.1Q tagging (VLAN trunking) on all ports connected to both 
of the G bE2 Interconnect Switches per the command: 

650 9# set trunk <module number> / <port number> nonegotiate dotlq 1-2 



4. On both G bE2 Interconnect Switches (G bE2 Switch A and G bE2 Switch B), enable tagging 
(VLAN encapsulation) on the four uplink ports (19-22) and the two crosslink ports (17-18) per the 
command: 

GbE2>> /cfg/port <port number>/ tag ena 



5. On both G bE2 Interconnect Switches, create the management VLAN 2 per the command: 
GbE2>> /cfg/vlan 2/ena 



6. On the GbE2 Switch B, add iLO ports to VLAN 2. This includes the GbE2 Switch B ports 1, 3, 5, 
7, 9, 11, 13, and 15. Use the following command to add the ports to VLAN 2: 

GbE2>> /cfg/vlan 2/add <port number> 



7. On both GbE2 Interconnect Switches, add ports 19-22 to VLAN 2 using the command identified 
in step 5. 

Spanning tree configuration 

This topology does not require spanning tree to be enabled as by design no loops are present. 
1. On both GbE2 Interconnect Swtiches, disable spanning tree, per the commands: 

GbE2» /cfg/stp 1/off 

GbE2>> save 



CAUTION : If the GbE2 Interconnect Switches are already connected to the Cisco network, perform 
step 3 in the "Port configuration" section before disabling spanning tree. 

Port configuration 

Configure the ports on the Cisco and HP blade switches by performing the steps listed below. 

1. On both Cisco C atalyst 6509 switches, configure the port speed and negotiation settings on all 
ports connected to the G bE2 Interconnect Switches per the commands: 

65 0 9# set port speed <module_number>/ <port_number> auto 

65 0 9# set port negotiation <module_number>/ <port_number> enable 



2. Configure the port speed and negotiation for G bE2 Interconnect Switch ports 19-22 (on both 
GbE2 Interconnect Switches), per the commands: 

GbE2>> /cfg/port <port number>/gig/auto on 
GbE2>> / cfg/port <port number>/gig/mode full 



N O TE: This step is only necessary if the G bE2 Interconnect Switch default configuration has been 
modified. 

3. On both G bE2 Interconnect Switches, disable ports 17 and 18 per the command: 

GbE2>> /cfg/port <port_number>/disable 

GbE2>> apply 
GbE2>> save 



4. Utilizing Figure 2 as a reference, connect: 

- G bE2 Switch A ports 19, 20, 21 and 22 to 6509 Switch A 

- GbE2 Switch B ports 19, 20, 21 and 22 to 6509 Switch B 

Multi-link trunking and EtherChannel 

This topology requires the creation of two trunks on each G bE2 Interconnect Switch and three 
EtherC hannel groups on each the Catalyst 6509 switch. Additionally, a default p reconfigured trunk 
(trunk 1) exists for the crosslink ports between the G bE2 Interconnect Switches. O ther trunks may also 
be present, as shown for VLAN 3 in Figure 1. 

N O TE: For this topology, G bE2 Interconnect Switch ports 19 and 20 represent trunk 2 and ports 21 
and 22 represent trunk 3. 

1. On both Cisco C a ta lyst 6509 switches, configure EtherChannel on the ports connected to both 
G bE2 Interconnect Switches per the command: 

65 0 9# set port channel <module number> / <port number> mode on 



2. Configure trunk 2 on each G bE2 Interconnect Switch per the commands: 

GbE2>> /cfg/trunk 2 

GbE2>> ena 

GbE2>> add 19 

GbE2>> add 20 

GbE2>> add 21 

GbE2>> add 22 



N O TE: It should not be necessary to configure trunk 1 as it is part of the G bE2 Interconnect 
Switch default configuration. However, if the default configuration has been modified, 
configure trunk 1 using ports 17 and 18. 

Topology summary 



In summary, the three provided topologies differ primarily in their data throughput the need for 
spanning tree, design complexity, and level of availability (Table 4). 

Table 4. Topology summary 





Topology 


1 


2 


3 


Level of availability 


O ptimal 


High 


Good 


G bE2 Interconnect Kit total uplink throughput (full duplex) 


High 
(12 Gbps)* 


High 
(12 Gbps)* 


O ptimal 
(16 Gbps)* 


Spanning tree protocol required 


Yes 


Yes 


No 


Design complexity 


High 


M edium 


Low 


Utilizes EtherChannel / multi-link trunking 


Yes 


Yes 


Yes 


Separate VLAN for isolating i LO management traffic 


Yes 


Yes 


Yes 


M anage both G bE2 Interconnect Switches from any of its uplink ports 


No 


No 


Yes 


Communicate to all N ICs from any G bE2 Interconnect Switch uplink port 


No 


No 


Yes 



* Maybe increased by an additional 8 G bps full duplex by utilizing the G igabit Ethernet ports on the front of each G bE2 
Interconnect Switch 



Securing the GbE2 Interconnect Switch 

HP recommends a variety of best practices to ensure the security of the network is maintained when 
deploying GbE2 Interconnect Switches. The suggestions provided here are applicable to the GbE2 
Interconnect Switch independent of specific vendor used for the network infrastructure components. 

M anagement interfaces 

The G bE2 Interconnect Switch provides many standard management access features, some of which 
provide potential security risks within a given network environment. There are several recommended 
practices that can be applied to decrease exposure and increase security. 

Command line interface 

The G bE2 Interconnect Switch command line interface (C LI) allows switch management locally via the 
serial portor remotely via Telnetand SSH. Since Telnet transmits data in clear text, HP recommends 
using only secure shell (SSH) for remote CLI management, unless the end-to-end path has no external 
access and there are no known means by which this traffic can be monitored. 

It is recommended the default Telnet TCP p o rt 2 3 be changed using the commands: 

GbE2>> /cfg/sys/tnport <TCP port number> 

Additionally, HP recommends modifying the defaultCLI idle timeout setting of five minutes to a value 
consistent with network security practices, per the command: 

GbE2>> /cf g/sys/idle <idle time in minutes> 

Browser based interface 

TheGbE2 Interconnect Switch browser based interface (BBI) allows remote switch management via a 
web console. Like Telnet, the HTTP interface can be vulnerable to security attacks. HP recommends the 
BBI only be used when the integrity and security of the connection cannot be compromised. 
Additionally it is recommended that the default TC P connection port of 80 be changed using the 
command: 

GbE2>> /cfg/sys/wport <TCP connection port number> 

Setting source IP address range 

To limit management access to the G bE2 Interconnect Switch without having to configure filters for 
each switch port, HP recommends the source IP address range be configured using the commands: 

GbE2>> /cfg/sys/mnet <management network, such as 192 .192 .192 . 0> 
GbE2>> /cfg/sts/mmask <management mask, such as 255 . 255 . 255 . 128> 

For the above example management network and mask addresses, any packet is discarded that is 
addressed to a G bE2 Interconnect Switch IP interface with a source IP address outside the range of 
192.192.192.1 to 192.192.192.127. 

SN MP management 

The G bE2 Interconnect Switch software provides simple network management protocol (SN M P) vl.O 
support for access through network management software, such as HP 0 penView and Insight 
M anager 7. For improved security, HP recommends the default read and write community strings 
(public and private, respectively) and the trap host community strings be changed using the 
commands: 

GbE2>> /cfg/snmp/rcomm <SNMP read community string> 
GbE2>> /cfg/snmp/wcomm <SNMP write community string> 
GbE2>> /cfg/snmp/tlcomm <lst trap host community string> 
GbE2>> /cfg/snmp/t2comm <2nd trap host community string> 



RADIUS 



The GbE2 Interconnect Switch, acting as the RADIUS client, communicates to the RADIUS server to 
authenticate and authorize a remote administrator using the protocol definitions specified in RFC 
2138 and 2866. The use of RADIUS is highly recommended as it allows for accounting and auditing 
of connections that the G bE2 Interconnect Switch does not natively posses. For configuration 
procedures, refer to the H P ProLiant BL p-C lass G b E2 Interconnect Switch Application G uide chapter 
l 7 and the H P ProLiant BL p-C lass G bE2 Interconnect Switch Command Reference G uide chapter 6 8 . 

Passwords 

HP recommends all G bE2 Interconnect Switch default passwords be changed at initial configuration 
and as regularly as required under the network security policies. 

• To change the user, operator, and administrator management passwords, see the H P ProUant BL 
p-C lass GbE2 Interconnect Switch Command Reference G uide chapter 3 8 . 

• To change the SCP administrator password, see the HP ProLiant BL p-C lass G bE2 Interconnect 
Switch Application G uide chapter l 7 . 

Additional best practices 

Additional steps are recommended to ensure that the G bE2 Interconnect Switch is easily serviceable 
and readily available within the network environment. The suggestions provided here are applicable 
to the G bE2 Interconnect Switch independent of specific vendor used for the network infrastructure 
components. 

• Record the G bE2 Interconnect Switch M AC address located on the exterior switch label. 

• Save a copy of the switch configuration setting by performing one or both of the following 
methods. 

1. Capture the configuration file a terminal screen using the dump command: 

GbE2 >> /cfg/dump 

This will print the text to the console screen which can be saved to a text file. 

2. Save the configuration to a using TFTP or SC P using one of the following commands: 

GbE2>> /cfg/ptcfg <TFTP server IP address> <config. file name> 



GbE2>> scp <switch IP address > : getcf g <local file name> 

NOTE: The output file is formatted with line-breaks, but no carriage returns. The file cannot 
be viewed with editors that require carriage returns (such as M icrosoft N otepad). 

• Install a second version of the operating system firmware. The GbE2 Interconnect Switch 
includes two flash regions to store firmware. For more information, refer to the HP ProUant BL p- 
C la ss G bE2 Interconnect Switch Command Reference G uide chapter 8 9 . 

• Configure redundant syslog servers. For more information, refer to the H P ProLiant BL p-C lass 
GbE2 Interconnect Switch Command Reference Guide chapter 6 9 . 



7 Available at http:/ / wwsslpro, Compaq, com/ support/ reference library/ viewdocument,asp?source=331403-001,xml&dt=264 

8 Available at http:/ / wwsslpro, Compaq, com/ support/ reference library/ viewdocument,asp?source=331404-Q01%20,xml&dt=264 , 
! Available at http:/ / wwsslpro, Compaq, com/ support/ reference library/ viewdocument,asp?source=33 1404-00 l%2 0,xml&dt=264 . 



• To avoid compromising security, configure the interconnect switches and then physically 
connect them to the network infrastructure. Alternately, use the HP Diagnostic Station to 
configure the switches outside the rack environment prior to installation. 

• Simplify G bE2 Interconnect Switch deployment. G iven that most implementations will be similar 
between the two GbE2 Interconnect Switches within a ProLiant p-C lass server blade enclosure, 
it is possible to configure one switch, download the existing configuration via TFTP or SC P, or 
capture the screen text from a / cfg/ dump, and then modify the configuration for the other 
switch. W hen performing this action, consider the following for the switch the new 
configuration is being applied: 

1. M odify the VLAN settings as needed for items such as individual server VLAN requirements 
and the differences between the type of N IC port(iLO versus data). 

2. Verify spanning tree settings including STGs, especially if the configuration includes 
tagging (trunking) different VLAN s between the G b E2 Interconnect switches. 

3. Change the management interface to avoid an IP conflict. 

CAUTION : The Cutting and pasting of configuration settings can sometimes result in lost 
information due to the limited buffer size on some consoles. The recommended 
method is to use TFTP or SCP whenever possible. 



Appendix A: GbE2 Interconnect Switch architecture 



Two G bE2 Interconnect Switches are packaged into a G bE2 Interconnect Kit providing an end-to-end, 
fully redundant architecture that maximizes network availability. Redundant network adapters (N ICs) 
are routed from each server blade bay to each hot-swappable interconnect switch (four N ICs total per 
server bay) creating a fully meshed topology to the external Ethernet network (Figure 4). For more 
information about the network design within the server blade enclosure, see the ProLiant BL p-C lass 
N etworking 0 verview 10 white paper. 



Figure 4. ProLiant BL p-C lass G bE2 Interconnect Switch architecture 
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This is the default enabled PXE NIC. Using the ROM setup utility on the server, any other data NIC may be PXE enabled. 



Port No. Port Type C-GbE2 



F-GbE2 



1-16 Downlink 

17, 18 Crosslink 

19, 20 Uplink 

21,22 Uplink 

23, 24 Front Panel 



10/ 100/ 1000 
10/ 100/ 1000 
10/ 100/ 1000T 
10/ 100/ 1000T 
10/ 100/ 1000T 



10/ 100/ 1000 
10/ 100/ 1000 
1000SX 
1000SX 

10/ 100/ 1000T 



The G bE2 Interconnect Switch supports all ProLiant BL p-Class server blades in mix and match 
combinations. Depending on the type and number of server blades installed in the server blade 
enclosure, not all G bE2 Interconnect Switch ports may be utilized. Also, the individual labeling of 
each N IC on the server blades is dependant on the server, the server operating system, and the N ICs 
that are enabled on the server. To verify connectivity to a specific N IC from a GbE2 Interconnect 
Switch port, use the switch ping command: 

GbE2>> ping <NIC IP address > 



Available at http:/ / hl8QQ4.wwwl.hp.com/ products/ servers/ pro lia nt-b 1/ p-class/ bl-p-interconnect-switch2.html . 



Appendix B: GbE2 Interconnect Switch default settings 

This section provides the default settings for the G bE2 Interconnect Switch. 

• Table B-l contains general default settings for both switch A and switch B 

• Table B-2 contains port name, VLAN , and trunking default settings for switch A 

• Table B-3 contains port name, VLAN , and trunking default settings for switch B 



Table B-l. Switch A and switch B general default settings 



Setting 


Value 


N otice 


N one 


Banner 


N one 


User N ames/ Passwords 


User Name: Password: 
user— Enabled user 
oper— Disabled None 
admin— Enabled (cannot be disabled) admin 


BO OTP Service 


Enabled 


IP Address (if manual IP option is selected) 


0.0.0.0 


Subnet M ask (if manual IP option is selected) 


0.0.0.0 


Primary DefaultG ateway 


0.0.0.0 


Secondary DefaultG ateway 


0.0.0.0 


Primary DN S Server Address 


0.0.0.0 


Secondary DNS Server Address 


0.0.0.0 


Default Domain N ame 


N one 


M anagement N etwork/ M ask 


0.0.0.0/0.0.0.0 


Switch Software Image on N ext Boot 


Imagel 


Switch Config File on N ext Boot 


Active 


Display Hostname (sysN ame) in CU Prompt 


Disabled 


Idle Timeout 


5 minutes 


Telnet Status 


Enabled 


Telnet Port 


23 


W eb Status 


Enabled 


W eb Port 


80 


Backpressure 


Disabled 


Port State 


Enabled 


Port Speed/ Duplex 


Auto 


Flow Control 


Off 


STP 


STG 1- Enabled with Default VLAN (VID=1) 

Port 1-16 (Server Ports) STP- Disabled at Port Level 

STG 2-16- Disabled 


Bridge M ax Age 


2 0 seconds 


Bridge Hello Time 


2 seconds 


Bridge Forward Delay 


15 seconds 


Bridge Priority 


32768 


M AC Address Aging Time 


300 seconds 


Port Priority 


128 


Path Cost 


19 for ports 1-16 and 19-24 
4 for ports 17-18 


Static VLAN Entry 


DefaultVLAN (VID = 1) 


PortVID 


1 for all ports 


Default VLAN 


Default VLAN (VID=1) with all ports assigned including CPU, STG =1 



Table B-l. Switch A and switch B general default settings continued 



Setting 


Value 


Port Trunking 


Trunk G roup 1, Enabled with Port 17 and 18 


Port Trunking Load Sharing Algorithm 


Src M ac Address 


Port M irroring— M irror Status 


Disabled 


Port M irroring— M irror Port 


N one Selected 


Port M irroring— M irror Port Traffic Direction 


N one Selected 


Port M irroring— M onitoring Port 


N one Selected 


SN M P 


Disabled 


SN M P System N ame 


N one 


SN M P System Location 


N one 


SN M P System Contact 


N one 


SN M P Community String/ Access Right 


Public = readonly- 




Private = read/ write 


SN MP Trap Hostl 


0.0.0.0 


SN M P Trap Host 1 Community String 


Public 


SN MP Trap Host 2 


0.0.0.0 


SN M P Trap Host 2 Community String 


Public 


SN M P Authentication Traps 


Disabled 


SN M P Link Up/ Down Traps 


Enabled 


Security IP N etwork/ M ask 


0.0.0.0/0.0.0.0 


TFTP Server IP Address 


0.0.0.0 


TFTP Port N umber 


69 


Firmware Upgrade 


File name = none 


Configuration File from TFTP Server 


File name = none 


Configuration File to TFTP Server 


File name = none 


PIN G Tool 


Target address = undefined 




Default tries = 4 


TraceRoute Tools 


Target address = undefined 


Serial Port Baud Rate 


9600 


Serial Port Data Bit 


8 


Serial Port Parity Bit 


N one 


Serial Port Stop Bit 


1 


Serial Port Flow Control 


N one 


N TP State 


Disabled 


N TP Server 


0.0.0.0 


N TP Resync Interval 


720 minutes 


GMT Timezone 0 ffset 


-06:00 


Daylight Savings Time State 


Disabled 


System Up Time 


0 days 00 :00 :00 


Current Time 


RTC or NTP (00 :00 :00) 


Date 


N one 


Syslog Host 


0.0.0.0 


Syslog Host 2 


0.0.0.0 


Syslog Host Severity 


7 


Syslog Host 2 Severity 


7 


Syslog Console 0 utput 


Disabled 



Table B-l. Switch A and switch B general default settings continued 



JC LLI 1 1 U 


Value 


Log 


console— Enabled 




system— Enabled 




mgmt— Enabled 




cli— Enabled 




stp— Enabled 




vian — tnaDiea 




ssh — Enabled 




ntp— Enabled 




ip— Enabled 




web— Enabled 


RSA Server Key Autogen Interval 


0 


RSA Server Key Autogen 


Disabled 


SSH Server 


0 n 


SC P-only Administrator Password 


admin 


SSH Server Port 


22 


SC P Apply and Save 


Enabled 


RADIUS Server 


Off 


RADIUS Secret 


N one 


Primary RADIUS Server 


0.0.0.0 


Secondary RADIUS Server 


0.0.0.0 


RADIUS Server Port 


1645 


RADIUS Server Retries 


3 


RADIUS Server Timeout 


3 


RADIUS Backdoor for Telnet Access 


Disabled 


Re-ARP Period in M inutes 


10 



Table B-2. Switch A port name, VLAN , and trunking default settings 



Note: The default port names are provided as one example and may or may not be completely applicable to the server 
configuration being deployed. It is recommended that the port names be modified as necessary to reflect the server 
configuration. 



Port Type 


Port 
No. 


Speed 


VID 


VLAN 

Membership 


VLAN Name 


Port Name 


STP 


Trunk 
Group 


Server 


1 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


ServerlPortl 


Disabled 




Server 


2 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Serverl_Port2 


Disabled 




Server 


3 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server2_Portl 


Disabled 




Server 


4 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server2_Port2 


Disabled 




Server 


5 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server3_Portl 


Disabled 




Server 


6 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server3_Port2 


Disabled 




Server 


7 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server4_Portl 


Disabled 




Server 


8 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server4_Port2 


Disabled 




Server 


9 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server5_Portl 


Disabled 




Server 


10 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server5_Port2 


Disabled 




Server 


11 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server6_Portl 


Disabled 




Server 


12 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server6_Port2 


Disabled 




Server 


13 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server7_Portl 


Disabled 




Server 


14 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server7_Port2 


Disabled 




Server 


15 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server8_Portl 


Disabled 




Server 


16 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server8_Port2 


Disabled 




Crosslink 


17 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Xconnect_l 


Enabled 


1 


Crosslink 


18 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Xconnect_2 


Enabled 


1 


Uplink 


19 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Ul_Port_19 


Enabled 




Uplink 


20 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Ul_Port_2 0 


Enabled 




Uplink 


2 1 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VAN 


U2_Port_2 1 


r~ — . _ III 

Enabled 




Uplink 


22 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


U2_Port_22 


Enabled 




Front Panel 


23 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


FrontPanell 


Enabled 




Front Panel 


24 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


FrontPanel2 


Enabled 





Table B-3. Switch B portname, VLAN , and trunking default settings 



Note: The default port names are provided as one example and may or may not be completely applicable to the server 
configuration being deployed. It is recommended that the port names be modified as necessary to reflect the server 
configuration. 



Port Type 


Port 
No. 


Speed 


VID 


VLAN 

Membership 


VLAN Name 


Port Name 


STP 


Trunk 
Group 


Server 


1 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


ServerlJLO 


Disabled 




Server 


2 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Serverl_Port3 


Disabled 




Server 


3 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Server2_iLO 


Disabled 




Server 


4 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


Default VLAN 


Server2_ PorQ 


Disabled 




Server 


5 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Server3_iLO 


Disabled 




Server 


6 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Server3_ PorQ 


Disabled 




Server 


7 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Server4_iLO 


Disabled 




Server 


8 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Server4_Port3 


Disabled 




Server 


9 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Server5_iU0 


Disabled 




Server 


10 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Server5_Port3 


Disabled 




Server 


11 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Server6_iLO 


Disabled 




Server 


12 


10/100/1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Server6_Port3 


Disabled 




Server 


13 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Server7_iLO 


Disabled 




Server 


14 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Server7_ PorQ 


Disabled 




Server 


15 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Server8_iLO 


Disabled 




Server 


16 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Server8_ PorQ 


Disabled 




X-Connect 


17 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


XConnect_l 


Enabled 


1 


X-Connect 


18 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


XConnect_2 


Enabled 


1 


M Uplink 


19 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


Ul_Port_19 


Enabled 




M Uplink 


20 


10/ 100/ 1000 
(Auto) 


1 


Egress/ Untag 


DefaultVLAN 


Ul_Port_2 0 


Enabled 




D Uplink 


21 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


U2_Port_2 1 


Enabled 




D Uplink 


22 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


U2_Port_2 2 


Enabled 




Front Panel 


23 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


FrontPanell 


Enabled 




Front Panel 


24 


10/ 100/ 1000 
(Auto) 




Egress/ Untag 


DefaultVLAN 


FrontPanel2 


Enabled 





For more information 



For additional information, refer to the resources detailed below. 



Resource description 


Web address 


ProLiant BLp-Class G bE2 


http:/ / hi 80 04. www 1. hp. com/ products/ servers/ proliant-bl/ p-class/ bl-p-interconnect- 


Interconnect Switch home page 


switch2.html 


ProLiant BLp-Class G b E2 


http:/ / wwsslpro.compag.com/ support/ reference library/ viewdocument.asp?source= 


Interconnect Switch Application 


331403-001 .xmlSid t=2 64 


G uide 




ProLiant BLp-Class G b E2 


http:/ / wwsslpro.compag.com/ supporty reference library/ viewdocument.asp?source= 


Interconnect Switch Command 


331 404-0 01%2 0.xml&dt=2 64 


Reference G uide 




ProLiant BLp-Class G bE2 


http:/ /h71025.www7.hp.com/ support/ reference library/ view document, a sp?country 


Interconnect Switch W eb-based 


code=1000&prodid=5726&source=33 1401-00 l.xml&dt=264&docid=20470 


Interface Reference Guide 




ProLiant BLp-Class GbE2 


http:/ / h71025.www7.hp.com/ support/ reference library/ viewdocument.asp?country 


Interconnect Switch User G uide 


code=1000&prodid=5726&source=33 1399-00 l%20.xml&dt=2 64&docid=20467 






ProLiant BLp-Class G bE2 


http:/ / hl8004.wwwl.hp.com/ products/ servers/ proliant-bl/ p-class/ bl-p-interconnect- 


Interconnect Switch 0 verview 


switch2.html 


white paper 




ProLiant BLp-Class N etworking 


httn - / / hi 8004 wwwl hn com/ nrodnrts/ sprvprs/ nrolianf-hl/ n-rlass/ hl-n-infprronnprf- 

1 1 *-<-\J ■/ / 1 11 U U ■ If 11 V) 1 . M|J .LUI 11/ \J 1 \J U U C Lj/ jC 1 V CI J/ ^MWIICllllUI/ \J 1 Q D Dj U 1 \J III LC 1 1 II 1 CLL 


0 verview white paper 


switch2.html 


Using ProLiant Essentials Rapid 


http:/ / hl8004.wwwl.hp.com/ products/ servers/ proliant-bl/ p-class/ bl-p-interconnect- 


Deployment Pack for scripted 


switch2.html 


blade-based switch configuration 




white paper 




ProLiant network adapter teaming 


http:/ / www.compag.com/ products/ servers/ networking/ teaming.html 




HP ProUantBL System Best 


http:/ / wwsslpro.compag.com/ support/ reference library/ viewdocument.asp?source= 


Practices G uide 


351359-001. xml&dt=264 


HP ProLiant BLSystem Common 


http:/ / wwsslpro.compag.com/ support/ reference library/ viewdocument.asp?source= 


Procedures G uide 


351360-001. xml&dt=264 
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